Light bulb hacked


Tuesday, 08 July, 2014


Researchers at Context Information Security have exposed a security weakness in a Wi-Fi-enabled, energy efficient LED light bulb that can be controlled from a smartphone.

By gaining access to the master bulb, Context was able to control all connected light bulbs and expose user network configurations.  The bulb manufacturer LIFX has since worked closely with Context to promptly patch the issue, which is now available as a firmware update.

A spokesperson, Simon Walker from LIFX, says that, “Prior to the patch, no one other than Context had exposed this vulnerability, most likely due to the complexity of the equipment and reverse engineering required.”

The work by Context, a company with offices in Australia, UK and Germany, is part of ongoing research into the security of the emerging Internet of Things (IoT) and raises some questions. “It is clear that in the dash to get onto the IoT bandwagon, security is not being prioritised as highly as it should be in many connected devices,” said Michael Jordon, Research Director, Context.

“We have also found vulnerabilities in other internet-connected devices from home storage systems and printers to baby monitors and children’s toys. IoT security needs to be taken seriously, particularly before businesses start to connect mission-critical devices and systems.”

The LIFX bulb was launched in September 2012 with crowd funding through the Kickstarter website. The architecture, based on the 802.15.4 6LoWPAN wireless mesh network, requires only one bulb to be connected to the Wi-Fi at a time. Context researchers found that they were able to monitor packets on the mesh network and identify the specific packets which shared the encrypted network configuration among the bulbs.

The fix, developed with the help of Context, is included in the new firmware available at http://updates.lifx.co/ and now encrypts all 6LoWPAN traffic, using an encryption key derived from the Wi-Fi credentials. It also includes functionality for secure ‘on boarding’ of new bulbs on to the network.

The detailed steps of gaining access to the device involved accessing the firmware by physically interrogating the device’s embedded microcontrollers to identify and understand the encryption mechanism in use. Armed with knowledge of the encryption algorithm, key, initialisation vector and an understanding of the mesh network protocol, Context was able to inject packets into the mesh network, capture and decrypt the network configurations, all without any prior authentication or alerting of its presence.

“Hacking into the light bulb was certainly not trivial but would be within the capabilities of experienced cybercriminals,” said Michael Jordon. “In some cases, these vulnerabilities can be overcome relatively quickly and easily as demonstrated by working with the LIFX developers. In other cases the vulnerabilities are fundamental to the design of the products. What is important is that these measures are built into all IoT devices from the start and if vulnerabilities are discovered, which seems to be the case with many IoT companies, they are fixed promptly before users are affected.”

For more details, visit: http://contextis.co.uk/blog/hacking-internet-connected-light-bulbs/

Related Articles

When bus depots become energy hubs

While electric buses bring clear benefits to a city, introducing new fleets of electric vehicles...

Astronomy, renewables and 'energy communities'

Building a renewable energy system for a telescope in Chile's Atacama Desert could also cover...

Full colour lighting for a major stadium

An LED lighting upgrade at Adelaide Oval has taken out a top award from the National Electrical...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd